package com.atguigu.security.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;

/**
 * @author Jungle
 * @create 2024-01-17 21:32
 */
@RequestMapping("/security")
@RestController
public class HelloController {
    // 总结
    // 使用 hasAnyRole控制权限，直接使用hasAuthority 会有问题
    @PreAuthorize("hasAnyRole('admin')")
    @GetMapping("/hello")
    public Mono<String> hello() {
        return Mono.just("hello world !");

    }
    //支持SPEL表达式
    @PreAuthorize("hasRole('admin')||hasAuthority('haha')")
    @GetMapping("/world")
    public Mono<String> world() {
        return Mono.just("world !! !");
    }

}
